A quick Patch Tuesday retrospective, and then a look at what the threat groups are up to.
CyberWire Daily15 Nov 2023

A quick Patch Tuesday retrospective, and then a look at what the threat groups are up to.

A look back at Patch Tuesday. BlackCat uses malicious Google ads. Social engineering in the third quarter of 2023. Are small businesses in denial about ransomware? Molerats have some new tools. Israel turns to NSO Group's Pegasus to search for hostages taken by Hamas. Tim Starks from the Washington Post examines the potential aftermath of a Russian group hitting a Chinese bank. In our Learning Layer, Sam Meisenberg helps a student understand and create a strategy for the CISSP CAT. And a cyberespionage campaign is attributed to Russia's SVR. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/218 Selected reading. Adobe Releases Security Updates for Multiple Products | CISA (Cybersecurity and Infrastructure Security Agency CISA) Fortinet Releases Security Updates for FortiClient and FortiGate (Cybersecurity and Infrastructure Security Agency | CISA) VMware Releases Security Update for Cloud Director Appliance (Cybersecurity and Infrastructure Security Agency | CISA) CISA Releases Two Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency | CISA) Microsoft Releases October 2023 Security Updates (Cybersecurity and Infrastructure Security Agency | CISA) Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws (BleepingComputer) SAP Security Patch Day for November 2023 (Onapsis) The ALPHV/BlackCat Ransomware Gang is Using Google Ads to Conduct… (eSentire) Q3 2023 Threat Landscape Report: Social Engineering Takes Center Stage (Kroll) OpenText Cybersecurity 2023 Global Ransomware Survey: The risk perception gap (OpenText Blogs) TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities (Proofpoint) Israel's NSO unleashes controversial spyware in Gaza conflict (Axios) APT29 Attacks Embassies Using CVE-2023-38831 (NCSCC) Cyber-espionage operation on embassies linked to Russia’s Cozy Bear hackers (Record) Learn more about your ad choices. Visit megaphone.fm/adchoices

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(3694)

For hackers, sharing is caring.

For hackers, sharing is caring.

CISA warns of active SharePoint attacks. The NSA pushes coordinated vulnerability disclosure. ClickLock Stealer targets macOS. Splunk and Zoom patch critical flaws. Spirals ransomware strikes in under...

16 Jul 30min

Patchapalooza packs a punch.

Patchapalooza packs a punch.

Patch Tuesday. SonicWall urges immediate patching of actively exploited vulnerabilities. The White House launches an AI-backed vulnerability clearinghouse. The Air Force contends with widespread cybe...

15 Jul 24min

The ransomware toll road.

The ransomware toll road.

Treasury sanctions a VPN provider tied to ransomware. The Pentagon hits pause on CMMC audits. Critical flaws surface in Google Cloud’s Dialogflow CX. Estée Lauder discloses a data breach. Mobile netwo...

14 Jul 26min

State of the router.

State of the router.

The U.S. and its allies warn of Russian cyber threats targeting critical infrastructure as Europe rolls out new sanctions. Apple sues OpenAI over alleged trade secret theft. Progress investigates a po...

13 Jul 26min

Preparing space for Q-day. [T-Minus: Space-Cyber Briefing]

Preparing space for Q-day. [T-Minus: Space-Cyber Briefing]

As the world prepares itself for quantum computing, governments and private space enterprises alike are looking to get ahead of the technology and manage the rapidly-accelerating risks. In this week’...

12 Jul 21min

Conti-versal opinions. [Research Saturday]

Conti-versal opinions. [Research Saturday]

Today we are joined by Geoff White, host of Cyber Hack and BBC journalist, taking a deep dive into the Conti ransomware gang. Geoff explores an in-depth investigation into the notorious Conti ransomwa...

11 Jul 29min

GoshDarn it, that’s advanced.

GoshDarn it, that’s advanced.

Researchers track ransomware they say is getting GoshDarn sophisticated. Zimbra patches a critical vulnerability affecting its Classic Web Client. A sophisticated vishing campaign targeting Microsoft ...

10 Jul 25min

Who you gonna call?

Who you gonna call?

GhostApproval puts AI coding assistants under the microscope. Microsoft fixes the RoguePlanet zero-day. More than 70 cybersecurity firms back a new AI Charter. An Ohio county may have paid a $1 millio...

9 Jul 24min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden-usa
fotballpodden-2
aftenpodden
forklart
stopp-verden
popradet
det-store-bildet
rss-gukild-johaug
hanna-de-heldige
rss-ness
aftenbla-bla
nokon-ma-ga
dine-penger-pengeradet
rss-penger-polser-og-politikk
lydartikler-fra-aftenposten
rss-utenrikskomiteen-med-bogen-og-grasvik
rss-hor-na-krim-2
e24-podden
unitedno